<?php
 if(!$logged_in) exit();
?>

<h1>Nachricht verfassen</h1>

<?php

if(isset($_GET["action"]) && $_GET["action"] == "send") {
 db_query("INSERT INTO messages (id, `from`, `to`, is_group, subject, text, date, flags) VALUES ('', '".secure_mysql_string($_SESSION["user"])."', '".secure_mysql_string($_POST["to"])."', 0, '".secure_mysql_string($_POST["title"])."', '".secure_mysql_string($_POST["text"])."', ".time(null).", ".(FLAG_UNREAD).")");
 
 echo "Nachricht wurde gesendet!";
}

?>

<script type="text/javascript">
 // --------- search --------
 function show_valid(v) {
  el = search_get_input();
  if(v) {
   el.style.backgroundColor = "#99FF66";
   document.getElementById("name_valid").value = "1";
  }
  else {
   el.style.backgroundColor = "#F64B4B";
   document.getElementById("name_valid").value = "0";
  }
 }
 
 function result_show(s) {
  el = search_get_resultcontainer();
  if(s) el.style.display = "";
  else {
   el.style.display = "none";
   el.innerHTML = "";
  }
 }
 
 function validate_form() {
  if(document.getElementById("name_valid").value == "0") {
   alert("Empfaenger ist ungueltig!");
   return false;
  }
  return true;
 }
</script>


<form action="index.php?page=nachrichten&amp;filter=new&amp;action=send" method="POST" onsubmit="return validate_form();">
 
<table class="write_message">
 <tr>
  <td>An</td>
  <td><input type="text" name="to" id="to" autocomplete="off" onkeyup="search('jahrgang', this.value, this.id, 'resjahr', 'result_show', 'show_valid');" onblur="search_cancel();">
  <br><div style="border: 1px solid black; width: 220px; display: none; position: absolute;" id="resjahr"></div><input type="hidden" id="name_valid" value="0"></td>
 </tr>
 <tr>
  <td>Betreff</td>
  <td><input type="text" name="title"></td>
 </tr>
 <tr>
  <td>Text</td>
  <td><textarea name="text"></textarea></td>
 </tr>
 <tr>
  <td>&nbsp;</td>
  <td><input type="submit" value="Senden"></td>
 </tr>
</table>
</form>
